Title :
On the Value of Coordination in Distributed Self-Adaptation of Intrusion Detection System
Author :
Rehak, Markus ; Grill, Martin ; Stiborek, Jan
Author_Institution :
Czech Tech. Univ., Prague, Czech Republic
Abstract :
We present an empirical study of distributed adaptation in an Intrusion Detection System. The adaptation model is based on a game-theoretical approach and we use regret minimization techniques to find globally robust behavior. We compare the effectiveness of global optimization, when all system components adopt the globally optimized strategy in a synchronized manner, with a fully distributed approach when two layers in the system adapt their strategies as a result of local adaptation process, with no synchronization or signaling. We show that the use of regret minimization techniques results in stable and long-term optimized behavior in both cases. Our experiments were performed on CAMNEP, an intrusion detection system based on analysis of Net Flow data, and were performed on the university network over one month.
Keywords :
computer network security; data analysis; game theory; local area networks; minimisation; CAMNEP; NetFlow data analysis; coordination value; distributed self-adaptation; game-theoretical approach; global optimization; intrusion detection system; regret minimization techniques; university network; Convergence; Game theory; Games; Intrusion detection; Minimization; Optimization; Robustness; Adaptation; Game Theory; IDS; Regret minimization;
Conference_Titel :
Web Intelligence and Intelligent Agent Technology (WI-IAT), 2011 IEEE/WIC/ACM International Conference on
Conference_Location :
Lyon
Print_ISBN :
978-1-4577-1373-6
Electronic_ISBN :
978-0-7695-4513-4
DOI :
10.1109/WI-IAT.2011.172
